Industry News
Hackers steal $200K from gambling app
In an alarming blow to online gambling industry, hackers managed to pocket 40,000 EOS ($200,000) from the operating wallet of EOS gambling dApp. Interestingly the app declared itself the safest just a few days ago. It is believed that hackers exploited the security chinks in its smart contracts.
An EOSBet spokesperson said: “A few hours ago, we were attacked, and about 40,000 EOS was taken from our bankroll. This bug was not minor as was stated previously, and we are still doing forensics and piecing together what happened.”
EOSBet devs have since taken the dApp offline while they figure out exactly what happened. A spokesperson does admit that hackers were only successful due to a fault in its code.
“[EOSBet] should be back online relatively quickly. We have narrowed down the bug to a faulty assertion statement in our code.” the EOSBet spokesperson added. “After talking with other developers and BPs, it seems like other games were also attacked using this same exact code (abi forwarder.)”
It appears hackers were able to call EOSBet’s “transfer” function externally, using a fake hash. This tricked EOSBet’s system into illegitimately sending a huge amount of EOS. A keen-eyed Redditor was the first to share the discovery. Hard Fork has since corroborated the hack is indeed authentic.
Taking a look at the EOS blockchain, though, we can see some curious events. It seems scammers, inspired by Twitter’s cryptocurrency scambots, have invaded the EOS blockchain in order to take advantage of the current chaos.
Small amounts of EOS have been sent to the attacker’s account with some threatening messages attached. Using an account name very similar to the official EOSBet wallet, someone is sending seemingly official communication in a bid to appear legit:
Memo: Please refund the illegal income eos, otherwise we will hire a team of lawyers in China to pursue all criminal liability and losses to you. Eosbet official eos account: eosbetdicell.
Then, the fake account proceeds to offer a reimbursement service in order to capitalise on the developing situation. Scammers are attempting to trick users into believing that EOSBet is reimbursing customers for any funds stolen. At time of writing, EOSBet has made no such declarations.
Note, the official EOSBet account is “eosbetdice11”, not “eosbetdicell.” Pretty sneaky.
Another reads:
Memo: Dear players: In order to make up for the loss of eosbet players in the hacking incident, the platform launched a recharge to send BET. 1EOS=1BET, the official eos account: eosbetdicell, the transfer will automatically give the same BET.
It remains unclear if today’s breach is somehow connected to other unusual activity taking place on EOSBet in the past few days. Earlier this week, a lucky gambler claimed over $600,000 from EOSBet by doubling their money repeatedly over a 36 hour period.
For what it is worth, at the time, an EOSBet spokesperson was absolutely adamant that the platform had not been hacked and that all bets on the platform were legitimate, including that $600,000.
Source: TNW
-
Africa6 days ago
Altenar obtains National Manufacturer licence in South Africa
-
Industry News4 days ago
Pennsylvania Skill, powered by Pace-O-Matic, congratulates PA Gaming Control Board and casinos on a banner 2024 with record monthly revenue
-
Latest News4 days ago
FBM Foundation spreads holiday cheer with initiatives in Brazil and the Philippines
-
Australia5 days ago
AUSTRAC Takes Ladbrokes and Neds’ Operator – Entain – to Federal Court Over Serious Non-compliance with Australia’s Money Laundering Laws
-
eSports6 days ago
GRID Joins IBIA as an Associate Member, Strengthening Esports Integrity
-
Interviews6 days ago
FTDx Wins Xanada Startup Contest: Unlocking Untapped iGaming Traffic with Innovative Monetization Solutions
-
Asia3 days ago
India Levels Up: Emerging as a Global Gaming Powerhouse in 2024
-
Latest News5 days ago
Join the Danish Problem Gambling Committee’s Online Conference: A Critical Conversation on Problem Gambling Prevention and Treatment